Only hardware-assisted protection can deliver durable secure foundations

Abstract

Any software security mechanism exposes a threat and is vulnerable to attacks from hackers without a strong hardware security foundation. In hardware-based software protection, security is achieved using additional hardware, such as the Trusted Platform Module (TPM), secure coprocessors, smart cards, or a trusted processor mode. One objective of hardware protection is to ensure a secure runtime environment for operating systems or applications. Secure boot restricts the software that can be loaded onto a system to trusted signed software. TPMs enable the use of securely stored keys only after a user has supplied valid authentication or a system exhibits a specific software history. TPMs use platform certificates to attest to the platform environment that a third party will rely on when using the TPM. The strong hardware integrity and confidentiality protection removes physical disclosure and manipulation threats that exist on software-only protection systems.